http: allow 'auth.prefix' to have a username consistent with the URI
authorMatt Harbison <matt_harbison@yahoo.com>
Fri, 16 Nov 2018 17:56:36 -0500
changeset 40663 c53f0ead5781
parent 40662 93e5d18251d6
child 40664 dba590f27c7a
http: allow 'auth.prefix' to have a username consistent with the URI It may be a little weird to put a username in the prefix, but the documentation doesn't disallow it, and silently disallowing it has caused confusion[1]. The username must match what is passed in (which seems to be from the URI via a circuitous route), as well as 'auth.username' if it was specified. I thought about printing a warning for a mismatch, but we already don't print a warning if the 'auth.username' and URI username don't match. This change allows the first and second last new test cases to work as expected. It looks like this would have been a problem since at least 0593e8f81c71. [1] https://www.mercurial-scm.org/pipermail/mercurial/2018-November/051069.html
mercurial/httpconnection.py
tests/test-hgweb-auth.py
tests/test-hgweb-auth.py.out
--- a/mercurial/httpconnection.py	Thu Nov 15 18:14:57 2018 -0500
+++ b/mercurial/httpconnection.py	Fri Nov 16 17:56:36 2018 -0500
@@ -92,6 +92,18 @@
         prefix = auth.get('prefix')
         if not prefix:
             continue
+
+        prefixurl = util.url(prefix)
+        if prefixurl.user and prefixurl.user != user:
+            # If a username was set in the prefix, it must match the username in
+            # the URI.
+            continue
+
+        # The URI passed in has been stripped of credentials, so erase the user
+        # here to allow simpler matching.
+        prefixurl.user = None
+        prefix = bytes(prefixurl)
+
         p = prefix.split('://', 1)
         if len(p) > 1:
             schemes, prefix = [p[0]], p[1]
--- a/tests/test-hgweb-auth.py	Thu Nov 15 18:14:57 2018 -0500
+++ b/tests/test-hgweb-auth.py	Fri Nov 16 17:56:36 2018 -0500
@@ -104,6 +104,39 @@
       'y.password': 'ypassword'},
      urls=['http://y@example.org/foo/bar'])
 
+print('\n*** Test user matching with name in prefix\n')
+
+# prefix, username and URL have the same user
+test({'x.prefix': 'https://example.org/foo',
+      'x.username': None,
+      'x.password': 'xpassword',
+      'y.prefix': 'http://y@example.org/foo',
+      'y.username': 'y',
+      'y.password': 'ypassword'},
+     urls=['http://y@example.org/foo'])
+# Prefix has a different user from username and URL
+test({'y.prefix': 'http://z@example.org/foo',
+      'y.username': 'y',
+      'y.password': 'ypassword'},
+     urls=['http://y@example.org/foo'])
+# Prefix has a different user from URL; no username
+test({'y.prefix': 'http://z@example.org/foo',
+      'y.password': 'ypassword'},
+     urls=['http://y@example.org/foo'])
+# Prefix and URL have same user, but doesn't match username
+test({'y.prefix': 'http://y@example.org/foo',
+      'y.username': 'z',
+      'y.password': 'ypassword'},
+     urls=['http://y@example.org/foo'])
+# Prefix and URL have the same user; no username
+test({'y.prefix': 'http://y@example.org/foo',
+      'y.password': 'ypassword'},
+     urls=['http://y@example.org/foo'])
+# Prefix user, but no URL user or username
+test({'y.prefix': 'http://y@example.org/foo',
+      'y.password': 'ypassword'},
+     urls=['http://example.org/foo'])
+
 def testauthinfo(fullurl, authurl):
     print('URIs:', fullurl, authurl)
     pm = urlreq.httppasswordmgrwithdefaultrealm()
--- a/tests/test-hgweb-auth.py.out	Thu Nov 15 18:14:57 2018 -0500
+++ b/tests/test-hgweb-auth.py.out	Fri Nov 16 17:56:36 2018 -0500
@@ -190,6 +190,27 @@
 URI: http://y@example.org/foo/bar
      ('y', 'xpassword')
 
+*** Test user matching with name in prefix
+
+CFG: {b'x.password': b'xpassword', b'x.prefix': b'https://example.org/foo', b'x.username': None, b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo', b'y.username': b'y'}
+URI: http://y@example.org/foo
+     ('y', 'ypassword')
+CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://z@example.org/foo', b'y.username': b'y'}
+URI: http://y@example.org/foo
+     abort
+CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://z@example.org/foo'}
+URI: http://y@example.org/foo
+     abort
+CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo', b'y.username': b'z'}
+URI: http://y@example.org/foo
+     abort
+CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo'}
+URI: http://y@example.org/foo
+     ('y', 'ypassword')
+CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo'}
+URI: http://example.org/foo
+     abort
+
 *** Test urllib2 and util.url
 
 URIs: http://user@example.com:8080/foo http://example.com:8080/foo